Security Scan Report: votes-rr.click

Redirected to:
https://consent.google.com/m?continue=https://news.google.com/&gl=DE&m...
Submitted: Jul 1, 2026, 7:19:14 PMCompleted: Jul 1, 2026, 7:20:23 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 5 domains to perform 2 HTTP transactions. The main domain is consent.google.com and was registered NaN years ago.

Submitted URL: https://votes-rr.click/

Effective URL: https://consent.google.com/m?continue=https://news.google.com/&gl=DE&m=0&pc=n&cm=2&hl=en-US&src=1Redirected

AI Security Verdict

Moderate Risk

Confidence: 72%

5
Risk Score

The site shows a Google‑style consent page with heavy JavaScript obfuscation but no credential collection; moderate risk due to unranked domain and deceptive redirect.

Risk Factors
Unranked/low‑reputation domain
Redirect chain to a Google consent page
Highly obfuscated JavaScript
Safety Factors
Domain age > 28 years (well‑established)
No credential or payment collection forms
No malicious IoC or IDS detections
Verdict cited a credential/login form, but DOM analysis found no password field (real or disguised) or payment field, and no other hard signal — credential-phishing framing unsupported; risk adjusted from 5 to 5
Domain age information unavailable

Details

Page Title

Before you continue

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

adult content

(46%)

Domain Information

The domain name 'votes-rr.click' uses the .click top-level domain while skipping any subdomain. The core label 'votes-rr' covers 8 characters split between two vowels and five consonants; bonus characters include one hyphen. Tokenizing the label suggests two words: votes, rr. Median word length comes out to 3.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://votes-rr.click/

Page Load Overview

0.77s
Total Load Time
15
HTTP Requests
6
Domains
147 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:3,018 chars
Detector Agreement:100%

Website Classification

Primary Category

adult content46% confidence
Type: webapp
Method: ml+structural

All Detected Categories

adult content
46%
education learning
44%
news media journalism
37%
healthcare medical
29%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
631.76.98.150United States
AS206134Nekobyte International Limited
3142.251.14.139United States
3142.251.110.94United StatesUnknown
3142.251.20.100United StatesUnknown
154--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1A1D477CB9131F07EEA73A5F199C86B4DF3D94895F11A0672B978B52702DFDA22252330

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:1puq3j6/8+Oq3j6/8+Iq3j6/8+tq3j6/8+eq3j6/8+dQISNt1/tjTunCikWfH:1GjTunCikW/

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:657003:gMngAIQLAQWwLgAwgKblFgkvJCBySo/g4YSgKBCDAhDAkBAKiUIAlEG1MaBAKwRgAAokiiABgJKDwSEIFQIKQVvAYIQBwyzS

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:feffe7e7e7e7e7e7
Perceptual Hash:f3dd44dc52547298
Difference Hash:000c0c0c0c0c0c4d
Wavelet Hash:c6c6c6c6c6c6c6c6
Color Hash:#d29a79

Other Hashes

Crop Resistant:000c0c0c0c0c0c4d

Scan History

Scan history not available

Unable to load historical scan data